SECURITY-AUDIT-CENTER - A SUGGESTED MODEL FOR EFFECTIVE AUDIT STRATEGIES IN HEALTH-CARE INFORMATICS

As dependence upon interorganizational and international health care i nformatics becomes absolute, and with increased vulnerability of infor mation networks and applications and the cunning sophistication of com puter criminals, it becomes imperative to implement tight information systems security to ward off any possible threat to these vital life-d ependent information systems. In a rapidly decentralizing environment, the author proposes centralized security control, implemented in a Se curity Audit Center under the direct supervision of an Information Sys tems Security Manager who is a high-ranking organization staff member. Of the various components of the Security Audit Center, the most sign ificant is the security audit expert systems which analyze audit data files according to security rules and present a precise status of syst ems security and realtime suspision alert of the various breaches and intrusions.